[Gllug] Fastest computer in the world - runs Linux
Alistair Mann
al at lgeezer.net
Tue Jun 21 19:35:04 UTC 2011
Steve Parker wrote:
> On 20/06/11 21:19, Alistair Mann wrote:
> > Steve Parker wrote:
> >> I'm not sure of the attachment rules, so I've put the screenshot
> >> of the top500 site's death at http://steve-parker.org/top500.png
> >> (full-sized version at http://steve-parker.org/top500-full.jpg)
> >> --
> >
> > When "the username is root" appears, you can be pretty sure the
> > death will not be pretty.
> >
> To be fair, that refers to the admin account on MySQL, not on the
> server itself. I'm no MySQL expert, but it seems to be common
> practice. I create user accounts for each application that uses a
> database, but I've seen lots of LAMP docs that suggest root for the
> application login, and I'm prepared to wager that the majority of
> such installations use the same root password for MySQL as for the
> root account on the OS itself...
You're right that it refers to the MySQL login for the application
rather than the server (and your caveat about similar passwords for both
being well-placed) but it is an appalling security breach to use the
MySQL root login for a mere application. Has there not been a Principle
of Least Privilege for decades? If there really are LAMP docs suggesting
it, they need a serious cluebatting.
Cheers,
--
Alistair Mann
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
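
Added example, not part of the original thread: the per-application MySQL account both posters describe, with an audit for logins that hold root-style privileges. The schema `appdb`, the account `'appuser'@'localhost'` and the password placeholder are hypothetical.

```sql
-- Hypothetical names throughout: schema `appdb`, account 'appuser'@'localhost'.
-- Replace the password placeholder with a unique generated secret that is
-- NOT shared with any OS account.

-- 1. A dedicated account for the application, usable only from the local host.
CREATE USER 'appuser'@'localhost' IDENTIFIED BY '<unique-generated-password>';

-- 2. Grant only the data operations the application performs, and only on
--    its own schema. No global (*.*) grant, no GRANT OPTION, no FILE, no
--    SUPER, no DDL: a compromised application cannot read other schemas,
--    create accounts, or touch files on the server.
GRANT SELECT, INSERT, UPDATE, DELETE ON appdb.* TO 'appuser'@'localhost';

-- 3. Confirm what the account can actually do.
SHOW GRANTS FOR 'appuser'@'localhost';

-- 4. Audit: every account holding global administrative privileges.
--    Ideally this lists only the DBA login(s), never an application login.
SELECT User, Host
FROM mysql.user
WHERE Super_priv = 'Y'
   OR Grant_priv = 'Y'
   OR File_priv  = 'Y';

-- 5. Audit: live sessions authenticated as root. A web application showing
--    up here is using the MySQL root login the thread warns about.
SELECT ID, USER, HOST, DB, COMMAND
FROM information_schema.PROCESSLIST
WHERE USER = 'root';
```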